IWS - The Information Warfare Site
News Watch Make a  donation to IWS - The Information Warfare Site Use it for navigation in case java scripts are disabled


Congressman Stephen Horn, R-CA Chairman

Oversight  hearing on

"What Can be Done to Reduce the Threats Posed by Computer Viruses and Worms to the Workings of Government"

August 29, 2001



Chairman Steve Horn
Opening Statement 

A quorum being present, this hearing of the Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations will come to order.

The dramatic increase in computer use and the Internet are changing the way we communicate and conduct business. With 58 percent of Americans now having home Internet access, our Federal, State, and local governments increasingly rely on the Internet to conduct business. More than 40 million Americans now perform such routine activities as filing income tax returns, health benefit claims, and renewing driver's licenses electronically. In addition to this wealth of personal information, the government's computer systems hold information that is vital to the security and economic well-being of this Nation.

Unfortunately, these systems are increasingly vulnerable to hostile attacks that are capable of extracting unauthorized information and potentially threatening the Nation's infrastructure. Overall, the number and sophistication of these attacks is rising dramatically. According to the federally funded CERT Coordination Center the number of incidents rose from 9,859 in 1999 to 21,765 in 2000. So far this year, 15,476 incidents have been reported. An increasing number of these attacks, often in the form of viruses or worms, specifically target government systems.

There are more than 48,000 known worms and viruses which enable hackers to gain access to systems and data stored on the infected computers. Some of the most destructive of these programs can delete system and application software and even destroy the hardware itself.

There are nearly 110 million computers with Internet connections, and, as we have seen, these potentially devastating viruses or worms can become an epidemic in microseconds. In 1999, for example, the Melissa virus gained notoriety because of the speed at which it spread. The first confirmed reports of Melissa were received on Friday, March 26, 1999. By Monday, March 29, the virus had affected more than 100,000 computers.

Last year, the "ILOVEYOU" virus created worldwide havoc in a matter of days, costing an estimated $8.7 billion dollars to fix. And last month, worms, called Code Red I and II, burrowed into nearly 1 million computers and affected an estimated 100 million computer users worldwide. E-mail systems went down for days. Workers were locked out of crucial computer files, and some e-commerce ground to a halt. Government web sites came under siege, with the Pentagon shutting down public access to all of its web servers. To date the costs of the Code Red worms have risen to more than $2 billion dollars and are mushrooming to about $200 million dollars per day.

So far, these viruses and worms have not caused irreparable damage to the Federal Government's information systems. However, as the attacks become more sophisticated, the magnitude of the potential threat is colossal. We must do something more than just react to these attacks. There is no easy fix, but governments at every level must be prepared for the next attempted invasion. Computer security must become a priority.

Today, we will examine the extent of the threat to government computer systems, and the need for policy changes to ensure that those systems, which are vital to this Nation and its citizens, are protected.

We welcome our witnesses today, and look forward to their testimony.